On Thu, Jan 25, 2024 at 07:17:21PM +0100, Daniel Vetter wrote: > On Tue, Jan 23, 2024 at 06:09:05AM +0000, Jason-JH Lin (林睿祥) wrote: > > Hi Maxime, Daniel, > > > > We encountered similar issue with mediatek SoCs. > > > > We have found that in drm_atomic_helper_commit_rpm(), when disabling > > the cursor plane, the old_state->legacy_cursor_update in > > drm_atomic_wait_for_vblank() is set to true. > > As the result, we are not actually waiting for a vlbank to wait for our > > hardware to close the cursor plane. Subsequently, the execution > > proceeds to drm_atomic_helper_cleanup_planes() to free the cursor > > buffer. This can lead to use-after-free issues with our hardware. > > > > Could you please apply this patch to fix our problem? > > Or are there any considerations for not applying this patch? > > Mostly it needs someone to collect a pile of acks/tested-by and then land > it. > > I'd be _very_ happy if someone else can take care of that ... > > There's also the potential issue that it might slow down some of the > legacy X11 use-cases that really needed a non-blocking cursor, but I think > all the drivers where this matters have switched over to the async plane > update stuff meanwhile. So hopefully that's good. I think there was also a regression with msm no one really figured out? Maxime
Attachment:
signature.asc
Description: PGP signature
